A Novel Trust Based Access Control Model for Cloud Environment

  • Pratap Kumar Behera
  • Pabitra Mohan Khilar
Conference paper
Part of the Lecture Notes in Electrical Engineering book series (LNEE, volume 395)


Cloud computing is a service oriented technology which offers the services (IaaS, PaaS, and SaaS) as a utility over the Internet. Since cloud computing is one of the most popular form of Internet application, the resources and services in cloud environment is more vulnerable to security threats and attacks. In order to protect the cloud environment from malicious users, we proposed a novel trust based access control model. The proposed model authorize the user based on user trust value before entering to cloud environment. The user must be trusted before accessing the resources and the resources must be trusted before providing the services to the user. In this paper, we evaluate the trust value of both user and cloud resources. The user trust value is evaluated based on the user behaviour parameter and the resource trust value is evaluated based on the Service Level Agreement (SLA) parameter. If the trust value of both users and cloud resources are more than their threshold value then they are considered as trusted. We implement the proposed model using java and oracle as database server. The implementation result shows the trust value of different type of users and CSP and compare with the QoS model. The proposed model performs better than QoS model in terms of Rate of Successful Transaction (RST).


Authorization Access control SLA parameter Cloud computing 


  1. 1.
    Xiao, Zhifeng, and Yang Xiao. Security and privacy in cloud computing. Communications Surveys & Tutorials, IEEE 15, no. 2 (2013): 843–859.Google Scholar
  2. 2.
    S. K. Panda, P. K. Jana. Efficient task scheduling algorithms for heterogeneous multi-cloud environment. The Journal of Super Computing 71(4): 1505–1533 (2015).Google Scholar
  3. 3.
    Mell, Peter, and Tim Grance. The NIST definition of cloud computing. (2011).Google Scholar
  4. 4.
    Samarati, Pierangela, and Sabrina Capitani de Vimercati. Access control: Policies, models, and mechanisms. In Foundations of Security Analysis and Design, pp.137–196. Springer Berlin Heidelberg, 2001.Google Scholar
  5. 5.
    Younis, Younis A., Kashif Kifayat, and Madjid Merabti. An access control model for cloud computing. Journal of Information Security and Applications 19, no. 1 (2014): 45–60.Google Scholar
  6. 6.
  7. 7.
    Samarati, Pierangela, and Sabrina De Capitani Di Vimercati. “Access control: Policies, models, and mechanisms.” Lecture notes in computer science (2001): 137–196.Google Scholar
  8. 8.
    Sandhu, Ravi S., Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. Role-based access control models. Computer 29, no. 2 (1996): 38–47.Google Scholar
  9. 9.
    Grandison, Tyrone, and Morris Sloman. A survey of trust in internet applications. Communications Surveys & Tutorials, IEEE 3, no. 4 (2000): 2–16.Google Scholar
  10. 10.
    Lin, Guoyuan, Danru Wang, Yuyu Bie, and Min Lei. MTBAC: A mutual trust based access control model in Cloud computing. Communications, China 11, no.4 (2014): 154–162.Google Scholar
  11. 11.
    Manuel, Paul. A trust model of cloud computing based on Quality of Service. Annals of Operations Research (2013): 1–12.Google Scholar
  12. 12.
    Gupta, P., Kumar Goyal, M., Kumar, P., & Aggarwal, A. (2013). Trust and reliability based scheduling algorithm for cloud IaaS. In Lecture notes in electrical engineering: Vol. 150. Proceedings of the third international conference on trends in information, telecommunication and computing (pp. 603607).Google Scholar

Copyright information

© Springer India 2017

Authors and Affiliations

  1. 1.Indian Institute of Technology RoorkeeRoorkeeIndia
  2. 2.National Institute of Technology RourkelaRourkelaIndia

Personalised recommendations